| author | Scott Long <scottl@FreeBSD.org> | 2004-05-25 14:20:51 +0000 |
|---|---|---|
| committer | Scott Long <scottl@FreeBSD.org> | 2004-05-25 14:20:51 +0000 |
| commit | 3bca303ce32a03dc017160f1ec5af94c5273f6e3 (patch) | |
| tree | fda805e90e0fd0266db726f95d43d7ad4602980a | |
| parent | ce6b0610dce1a1eb39bafe4999361b05df85c3e4 (diff) | |
Notes
| -rw-r--r-- | release/doc/en_US.ISO8859-1/errata/article.sgml | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml index 7cde55be385d..52c95458b667 100644 --- a/release/doc/en_US.ISO8859-1/errata/article.sgml +++ b/release/doc/en_US.ISO8859-1/errata/article.sgml @@ -135,7 +135,34 @@ <title>Late-Breaking News</title> <![ %release.type.release [ - <para>No news.</para> + + <para>(20 May 2004) A security problem was discovered + in <application>CVS</application> but the release notes + did not state that since it was very late in the release cycle. + &os; &release.prev; includes a fix for it and is not vulnerable. + For the details, see the security advisory + <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc">FreeBSD-SA-04:10</ulink>.</para> + + <para>(23 May 2004) As a side effect of closing a security problem + related to &man.msync.2;, the <literal>MS_INVALIDATE</literal> + flag no longer guarantees that all pages in the range are + invalidated. This can cause problems when pages are backed by a remote file + (e.g. via NFS) where other machines can write to the permanent storage since + the local pages not being invalidated might then contain stale data. The + security problem being addressed is a strictly local exploit, and only + allows a local user to block the writing of data to a file under certain + circumstances. Users who require the old semantics of + <literal>MS_INVALIDATE</literal> and are not concerned with + the security issue being fixed can set the + <literal>vm.old_msync</literal> sysctl to <literal>1</literal> + which will revert to the old (insecure) behavior.</para> + + <para>(25 May 2004) The &man.twe.4; driver was recently updated by the + vendor. Problems have been reported in rare circumstances under + conditions that are hard to reproduce. Work is ongoing to isolate + these problems and determine their source.</para> + + ]]> <
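Review bot: The 23 May &man.msync.2; paragraph tells users they can set <literal>vm.old_msync</literal> to <literal>1</literal> to get the old (insecure) behavior, but unlike the CVS paragraph above it, it carries no <ulink> to a security advisory. Readers deciding whether to take that trade-off have no place to check what "under certain circumstances" covers. If an advisory exists for the msync fix, link it the same way as FreeBSD-SA-04:10. It would also help to say in that paragraph that the sysctl change reopens the issue for every local user on the machine, not only for the NFS-backed files that need the old semantics. Smaller points: "the release notes did not state that since it was very late in the release cycle" in the 20 May paragraph reads awkwardly and could be reworded to say plainly that the fix was merged too late to be documented, and the 25 May &man.twe.4; paragraph names no symptom, so a user cannot tell whether a problem they see is the one being tracked.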